Comprehensive View of Reducing Traffic and Mitigating DDoS Attacks in Fog Computing

This paper describes an approach that can be used to improve performance and robustness in the IoT ecosystem by detecting and mitigating attacks occurring at the Fog Computer layer of an IoT architecture. There are currently many IoT devices connected in the world today and billions of devices are expected to be connected to the network in the future. Large amounts of data from these devices will be generated and gathered every second. The traditional network structure which relies on a centralized system like the cloud becomes an inefficient solution for IoT data. Fog Computing is a model that extends cloud computing and its service layer to the edge of the network in order to solve cloud weaknesses such as latency. Fog Computing is a decentralized platform, which makes it ideal for IoT applications. Fog Computing is also the appropriate platform for critical IoT services, because of its high response time. We are also concerned with Distributed Denial of Service (DDoS) because DDoS attacks have been one of the biggest Internet security problems in the last ten years-- specifically, DDoS attacks targeting public web servers. DDoS identification is very difficult due to similarities between normal traffic and DDoS traffic. This work provides a flexible approach for DDoS detection and reduction of IoT traffic based on traffic flow features, which are classified by using a Self-Organizing Maps algorithm at the application layer inside Fog Computing. Self-Organizing Maps (SOM) is an unsupervised artificial neural network algorithm that can deal with a huge amount of data and network traffic, as well as to detect DDoS attacks.